There is an updated pull request by heliocat against master on the void-packages repository https://github.com/heliocat/void-packages iptables https://github.com/void-linux/void-packages/pull/31145 iptables: adjust run scripts for more configuration flexibility The single configuration file approach that the iptables services provide precludes using it in more complicated buildouts such as ones defined with config management tools. This change takes a hybrid approach of the old method (to preserve backwards compatibility, etc) and the method taken with void-ansible-roles/network. Changes: No longer flush tables prior to loading new data - rely on finish in all cases Load data from /etc/iptables/iptables.rules and all found /etc/iptables.d/\*.rules Ditto ip6 equivalents (ip6rules.rules, ip6tables.d/\*.{,6}rules) Flush nat table in both v4 and v6 mode (nat table supported on v6 since kernel 3.7) Caveats: the ip6tables.d match is overly explicit since dash does not provide brace expansion and there is no particularly clean way to match a single character or empty when expanding globs. @ailiop-git #### General - [ ] This is a new package and it conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements) #### Have the results of the proposed changes been tested? - [x] I use the packages affected by the proposed changes on a regular basis and confirm this PR works for me - [ ] I generally don't use the affected packages but briefly tested this PR #### Does it build and run successfully? (Please choose at least one native build and, if supported, at least one cross build. More are better.) - [x] I built this PR locally for my native architecture, (x86_64) - [ ] I built this PR locally for these architectures (if supported. mark crossbuilds): - [ ] aarch64-musl - [ ] armv7l - [ ] armv6l-musl A patch file from https://github.com/void-linux/void-packages/pull/31145.patch is attached